
Bug#1055350: marked as done (bookworm-pu: package exfatprogs/1.2.0-1+deb12u1)



Your message dated Sat, 09 Dec 2023 10:20:37 +0000
with message-id <83d3a3621a56b9af1e20d36ee9d390a46ab64a8a.camel@adam-barratt.org.uk>
and subject line Closing requests for updates included in 12.3 point release
has caused the Debian Bug report #1055350,
regarding bookworm-pu: package exfatprogs/1.2.0-1+deb12u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1055350: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055350
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: exfatprogs@packages.debian.org
Control: affects -1 + src:exfatprogs

[ Reason ]
https://security-tracker.debian.org/tracker/CVE-2023-45897
Low priority security issue, out-of-bounds memory access
in the exFAT fsck utility exfat2img helper.

[ Impact ]
Low priority security issue is fixed.

[ Tests ]
Manual tests performed that affected tools still work.

[ Risks ]
-

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]
Adds a patch bundling the three upstream commits
which are referenced together with the CVE ID.

gbp.conf and Vcs-Git reference the bookworm branch


[ Other info ]
There wasn't a bug filed for this CVE in the BTS.
The regular upload of 1.2.2 to unstable fixed the
issue before the CVE ID was published, so there
is not yet a CVE ID mentioned in the unstable
changelog.
diff -Nru exfatprogs-1.2.0/debian/changelog exfatprogs-1.2.0/debian/changelog
--- exfatprogs-1.2.0/debian/changelog	2022-10-28 14:48:05.000000000 +0200
+++ exfatprogs-1.2.0/debian/changelog	2023-11-04 17:56:01.000000000 +0100
@@ -1,3 +1,11 @@
+exfatprogs (1.2.0-1+deb12u1) bookworm; urgency=medium
+
+  * CVE-2023-45897 Add debian/patches/CVE-2023-45897-out-of-bounds-memory-access
+    to fix three out-of-bounds memory access issues.
+  * Add bookworm branch information to Vcs-Git and gbp.conf.
+
+ -- Sven Hoexter <hoexter@debian.org>  Sat, 04 Nov 2023 17:56:01 +0100
+
 exfatprogs (1.2.0-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru exfatprogs-1.2.0/debian/control exfatprogs-1.2.0/debian/control
--- exfatprogs-1.2.0/debian/control	2022-10-28 14:47:18.000000000 +0200
+++ exfatprogs-1.2.0/debian/control	2023-11-04 17:38:34.000000000 +0100
@@ -6,7 +6,7 @@
 Standards-Version: 4.6.1
 Rules-Requires-Root: no
 Homepage: https://github.com/exfatprogs/exfatprogs
-Vcs-Git: https://git.sven.stormbind.net/exfatprogs.git
+Vcs-Git: https://git.sven.stormbind.net/exfatprogs.git -b bookworm
 Vcs-Browser: https://git.sven.stormbind.net/?p=sven/exfatprogs.git
 
 Package: exfatprogs
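Review bot: Vcs-Git now selects the bookworm branch with `-b bookworm`, but the Vcs-Browser line directly below it is left pointing at the repository's default view. If the web view can address a branch, pointing Vcs-Browser at bookworm as well would keep the two fields consistent for this stable upload; otherwise it is fine as is.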
diff -Nru exfatprogs-1.2.0/debian/gbp.conf exfatprogs-1.2.0/debian/gbp.conf
--- exfatprogs-1.2.0/debian/gbp.conf	2022-10-28 14:19:18.000000000 +0200
+++ exfatprogs-1.2.0/debian/gbp.conf	2023-11-04 16:39:40.000000000 +0100
@@ -1,2 +1,3 @@
 [DEFAULT]
 pristine-tar = True
+debian-branch = bookworm
diff -Nru exfatprogs-1.2.0/debian/patches/CVE-2023-45897-out-of-bounds-memory-access exfatprogs-1.2.0/debian/patches/CVE-2023-45897-out-of-bounds-memory-access
--- exfatprogs-1.2.0/debian/patches/CVE-2023-45897-out-of-bounds-memory-access	1970-01-01 01:00:00.000000000 +0100
+++ exfatprogs-1.2.0/debian/patches/CVE-2023-45897-out-of-bounds-memory-access	2023-11-04 16:39:40.000000000 +0100
@@ -0,0 +1,67 @@
+Description: CVE-2023-45897 out-of-bounds memory access
+Origin: https://github.com/exfatprogs/exfatprogs/commit/ec78688e5fb5a70e13df82b4c0da1e6228d3ccdf
+ https://github.com/exfatprogs/exfatprogs/commit/22d0e43e8d24119cbfc6efafabb0dec6517a86c4
+ https://github.com/exfatprogs/exfatprogs/commit/4abc55e976573991e6a1117bb2b3711e59da07ae
+Last-Update: 2023-10-31
+Index: exfatprogs/exfat2img/exfat2img.c
+===================================================================
+--- exfatprogs.orig/exfat2img/exfat2img.c
++++ exfatprogs/exfat2img/exfat2img.c
+@@ -319,7 +319,7 @@ static int read_file_dentry_set(struct e
+ 	if (!node)
+ 		return -ENOMEM;
+ 
+-	for (i = 2; i <= file_de->file_num_ext; i++) {
++	for (i = 2; i <= MIN(file_de->file_num_ext, 1 + MAX_NAME_DENTRIES); i++) {
+ 		ret = exfat_de_iter_get(iter, i, &dentry);
+ 		if (ret || dentry->type != EXFAT_NAME)
+ 			break;
+Index: exfatprogs/fsck/fsck.c
+===================================================================
+--- exfatprogs.orig/fsck/fsck.c
++++ exfatprogs/fsck/fsck.c
+@@ -769,7 +769,7 @@ ask_again:
+ 		char *rename = NULL;
+ 		__u16 hash;
+ 		struct exfat_dentry *stream_de;
+-		int name_len, ret;
++		int ret;
+ 
+ 		switch (num) {
+ 		case 1:
+@@ -798,11 +798,11 @@ ask_again:
+ 		if (ret < 0)
+ 			return ret;
+ 
++		ret >>=1;
+ 		memcpy(dentry->name_unicode, utf16_name, ENTRY_NAME_MAX * 2);
+-		name_len = exfat_utf16_len(utf16_name, ENTRY_NAME_MAX * 2);
+-		hash = exfat_calc_name_hash(iter->exfat, utf16_name, (int)name_len);
++		hash = exfat_calc_name_hash(iter->exfat, utf16_name, ret);
+ 		exfat_de_iter_get_dirty(iter, 1, &stream_de);
+-		stream_de->stream_name_len = (__u8)name_len;
++		stream_de->stream_name_len = (__u8)ret;
+ 		stream_de->stream_name_hash = cpu_to_le16(hash);
+ 	}
+ 
+@@ -856,7 +856,7 @@ static int read_file_dentry_set(struct e
+ 	if (!node)
+ 		return -ENOMEM;
+ 
+-	for (i = 2; i <= file_de->file_num_ext; i++) {
++	for (i = 2; i <= MIN(file_de->file_num_ext, 1 + MAX_NAME_DENTRIES); i++) {
+ 		ret = exfat_de_iter_get(iter, i, &dentry);
+ 		if (ret || dentry->type != EXFAT_NAME) {
+ 			if (i > 2 && repair_file_ask(iter, NULL, ER_DE_NAME,
+Index: exfatprogs/include/exfat_ondisk.h
+===================================================================
+--- exfatprogs.orig/include/exfat_ondisk.h
++++ exfatprogs/include/exfat_ondisk.h
+@@ -40,6 +40,7 @@
+ /* exFAT allows 8388608(256MB) directory entries */
+ #define MAX_EXFAT_DENTRIES	8388608
+ #define MIN_FILE_DENTRIES	3
++#define MAX_NAME_DENTRIES	17
+ 
+ /* dentry types */
+ #define MSDOS_DELETED		0xE5	/* deleted mark */
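Review bot: MAX_NAME_DENTRIES in include/exfat_ondisk.h is added without a comment, and the `1 + MAX_NAME_DENTRIES` bound in both read_file_dentry_set loops (exfat2img.c and fsck.c) does not say what the extra 1 stands for. A one-line comment on the define (exFAT names are at most 255 UTF-16 units at 15 units per name entry, hence 17) and a note that the 1 covers the stream entry at index 1 would make the limit checkable. Since the same expression is duplicated in two files, a shared macro for the highest valid name-entry index would keep the two loops from drifting apart. In the fsck.c rename hunk, `ret >>=1;` turns the error-code variable into the name length that is then cast to `__u8` for stream_name_len; a separately named length variable, or at least a comment on the unit conversion and conventional `ret >>= 1` spacing, would make it easier to see that the value stays in range.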
diff -Nru exfatprogs-1.2.0/debian/patches/series exfatprogs-1.2.0/debian/patches/series
--- exfatprogs-1.2.0/debian/patches/series	1970-01-01 01:00:00.000000000 +0100
+++ exfatprogs-1.2.0/debian/patches/series	2023-11-04 16:39:40.000000000 +0100
@@ -0,0 +1 @@
+CVE-2023-45897-out-of-bounds-memory-access

--- End Message ---
--- Begin Message ---
Package: release.debian.org
Version: 12.3

Hi,

Each of the updates discussed in these requests was included in this
morning's 12.3 bookworm point release.

Regards,

Adam

--- End Message ---
